1. Field of the Invention
The present invention relates to analysis of problematic behavior of users of a data communication network, and to a security technique using this analysis.
2. Description of the Related Art
In networked organizations, problem behavior of organization staff using the network has, especially in recent years, raised problems regarding information security. Examples of well-known problems range from private browsing of web pages and private use of network resources such as a private-use mail, to the leaking of information to outsiders.
As a countermeasure for preventing organization staff from illicitly using the organization network, a filtering techniques have been used. In a typical filtering technique, filter rules such as a uniform resource locator (URL) which is an access limitation object and addresses to which electronic mails cannot be transmitted are registered beforehand in a gateway disposed between an in-company LAN and Internet. With issuance of an HTTP request or electronic mail which infringes on the filter rule from the LAN, the request or mail is not transmitted outside the LAN blocked by the gateway.
Moreover, in Japanese Patent Application Laid-Open No. 2000-22739, an electronic mail system is disclosed in which filtering processing is used to prevent the leaking of information. In the processing, transmission of the electronic mail is permitted only when transmitter (sender) and transmission destination (recipient) of the electronic mail prepared by a user agree with a pre-registered pair of the transmitter and transmission destination.
This filtering processing is effective in that access to websites or transmission of mail can be limited. However, in actuality, because there are many websites and electronic messages for which it is unclear whether or not a problem is presented, if access to all such sites or mail is uniformly limited, there is a possibility that legitimate business will be obstructed.